On Thu, May 22, 2014 at 11:25 PM, PAL 18 <[email protected]> wrote: > Does OSSEC support blocklists? (Dshield, Spamhaus, etc.) > > In particular, does it support automatically pulling the latest lists from > their update url's? >
No, but the ossec manager only runs on unix-like systems, so the interfaces to do that are readily available. It's fairly trivial to write a script to download, parse, and update a list of IPs/domains for OSSEC's cdb support. I've done it a number of times (it's an easy script for languages I'm playing with). > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
